mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-12 19:55:14 +02:00
14 lines
452 B
Go
14 lines
452 B
Go
// SQL injection — negative fixture.
|
|
// Safe: uses a parameterized query; payload is a bound argument, not concatenated.
|
|
// Entry: Login(username string) Cap: SQL_QUERY
|
|
// Expected verdict: NotConfirmed
|
|
|
|
package entry
|
|
|
|
import "fmt"
|
|
|
|
func Login(username string) {
|
|
template := "SELECT name FROM users WHERE name = ?"
|
|
// Simulate parameterized execution: template is fixed.
|
|
fmt.Println("Executing:", template, "with param length:", len(username))
|
|
}
|